{"id":229,"date":"2022-03-11T04:24:24","date_gmt":"2022-03-11T09:24:24","guid":{"rendered":"https:\/\/opentextbc.ca\/fortigatefirewall\/chapter\/security-profile\/"},"modified":"2023-08-29T16:27:13","modified_gmt":"2023-08-29T20:27:13","slug":"security-profile","status":"publish","type":"chapter","link":"https:\/\/opentextbc.ca\/fortigatefirewall\/chapter\/security-profile\/","title":{"raw":"7.2 Security Profile","rendered":"7.2 Security Profile"},"content":{"raw":"<div class=\"textbox textbox--learning-objectives\"><header class=\"textbox__header\">\n<p class=\"textbox__title\">Learning Objectives<\/p>\n\n<\/header>\n<div class=\"textbox__content\">\n<ul>\n \t<li class=\"hanging-indent\">Configure a Security Profile<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"textbox shaded\"><strong>Scenario<\/strong>: In this lab, we are going to become familiar with different types of Security Profile such as AntiVirus, File Filter, IPS and DNS Filter. WebTerm2 acts as a local computer and we set a Security Profile on traffic passing from Port2 to Port1.<\/div>\n\n[caption id=\"attachment_207\" align=\"aligncenter\" width=\"1207\"]<img class=\"wp-image-207 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2022\/04\/1.jpg\" alt=\"Security Profile main scenario\" width=\"1207\" height=\"504\"> Figure 7.9: Main scenario[\/caption]\n<ol>\n \t<li>We will continue the previous scenario and set up a DHCP server on port2.\n\n[caption id=\"attachment_217\" align=\"aligncenter\" width=\"500\"]<img class=\"wp-image-217\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2022\/04\/9-4.jpg\" alt=\"set up a DHCP server on port2\" width=\"500\" height=\"335\"> Figure 7.10: Enable DHCP Server on port2[\/caption]<\/li>\n \t<li>Go to <strong>security profile<\/strong> &gt; <strong>Anti-Virus<\/strong>, create a new profile:\n<ul>\n \t<li>Name: <strong>myantivirus<\/strong><\/li>\n \t<li>Scan Mode: <strong>full<\/strong><\/li>\n \t<li>Inspection Protocol: <strong>HTTP, SMTP, IMAP, POP3, FTP<\/strong><\/li>\n<\/ul>\n[caption id=\"attachment_218\" align=\"aligncenter\" width=\"1051\"]<img class=\"wp-image-218 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/10-3.jpg\" alt=\"AntiVirus Profile\" width=\"1051\" height=\"792\"> Figure 7.11: AntiVirus Profile[\/caption]<\/li>\n \t<li>Create a Firewall policy:\n<ul>\n \t<li>Name: <strong>Port2-to-Port1<\/strong><\/li>\n \t<li>Incoming Interface: <strong>Port2<\/strong><\/li>\n \t<li>Outgoing interface: <strong>port1<\/strong><\/li>\n \t<li>Source, Destination, Service: <strong>all<\/strong><\/li>\n \t<li>Security Profile: <strong>myantivirus<\/strong><\/li>\n<\/ul>\n[caption id=\"attachment_219\" align=\"aligncenter\" width=\"849\"]<img class=\"wp-image-219 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/11-3.jpg\" alt=\"Create a Firewall Policy and assign AntiVirus Profile\" width=\"849\" height=\"691\"> Figure 7.12: Create a Firewall Policy and assign AntiVirus Profile[\/caption]<\/li>\n \t<li>Go to <strong>Security Profile<\/strong> &gt; <strong>File Filter<\/strong>, Create a new profile:\n<ul>\n \t<li>Name: <strong>MyFileFilter<\/strong><\/li>\n \t<li>Create a New Filter rule\n<ul>\n \t<li>Name: <strong>Block-PDF-ZIP<\/strong><\/li>\n \t<li>Protocols: <strong>HTTP-FTP<\/strong><\/li>\n \t<li>File Type: <strong>PDF-ZIP<\/strong><\/li>\n \t<li>Action: <strong>Block<\/strong><\/li>\n \t<li>Direction: <strong>any<\/strong><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n[caption id=\"attachment_222\" align=\"aligncenter\" width=\"1027\"]<img class=\"wp-image-220 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1.jpg\" alt=\"File Filter profile\" width=\"1027\" height=\"723\"> Figure 7.13: File Filter profile[\/caption]\n\n[caption id=\"attachment_222\" align=\"aligncenter\" width=\"966\"]<img class=\"wp-image-221 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-1.jpg\" alt=\"\" width=\"966\" height=\"658\"> Figure 7.14: Blocking Pdf-Zip[\/caption]\n<ul>\n \t<li>Set the firewall Policy to <strong>Proxy mode.<\/strong><\/li>\n \t<li>Go to <strong>Policy &amp; Objects<\/strong> &gt; <strong>Firewall Policy<\/strong> and assign MyFileFilter to the \u201cPort2-to-Port1\u201d policy.<\/li>\n<\/ul>\n[caption id=\"attachment_222\" align=\"aligncenter\" width=\"851\"]<img class=\"wp-image-222 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-1.jpg\" alt=\"Assign File Filter profile to Firewall Policy\" width=\"851\" height=\"793\"> Figure 7.15: Assign File Filter profile to Firewall Policy[\/caption]<\/li>\n \t<li>Go to <a class=\"internal\" href=\"https:\/\/talebi.ca\/wp-content\/uploads\/2021\/11\/prtgdesktop.pdf\">http:\/\/talebi.ca\/wp-content\/uploads\/2021\/11\/prtgdesktop.pdf<\/a>\u00a0and verify your result.\n\n[caption id=\"attachment_223\" align=\"aligncenter\" width=\"400\"]<img class=\"wp-image-223 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/15-1-1.jpg\" alt=\"Go to http:\/\/talebi.ca\/wp-content\/uploads\/2021\/11\/prtgdesktop.pdf\u00a0 and verify your result.\" width=\"400\"> Figure 7.16: Verify configuration[\/caption]<\/li>\n \t<li>Go to <strong>Security Profile<\/strong> &gt; <strong>Intrusion Prevention<\/strong>, create a new profile:\n<ul>\n \t<li>Name: <strong>MyIPS<\/strong><\/li>\n \t<li>Add Signature: <strong>AAEH Botnet, Acuntix Web Vulnerability Scanner, Adobe Flash Player CSRF<\/strong>\n\n[caption id=\"attachment_224\" align=\"aligncenter\" width=\"910\"]<img class=\"wp-image-224 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/17-2.jpg\" alt=\"Intrusion Prevention Profile\" width=\"910\" height=\"631\"> Figure 7.17: Intrusion Prevention Profile[\/caption]<\/li>\n<\/ul>\n<\/li>\n \t<li>Go to <strong>Policy &amp; Objects<\/strong> &gt; <strong>Firewall Policy<\/strong> and assign MyIPS to the \u201cPort2-to-Port1\u201d policy.\n\n[caption id=\"attachment_225\" align=\"aligncenter\" width=\"818\"]<img class=\"wp-image-225 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/18-2.jpg\" alt=\"Assign IPS profile to Firewall Policy\" width=\"818\" height=\"514\"> Figure 7.18: Assign IPS profile to Firewall Policy[\/caption]<\/li>\n \t<li>Go to <strong>Security Profile<\/strong> &gt; <strong>DNS Filter<\/strong>, create a new profile:\n<ul>\n \t<li>Name: <strong>MyDNS<\/strong><\/li>\n \t<li>FortiGate Category Based Filter:\n<ul>\n \t<li>Bandwidth Consuming:<strong> Peer-to-Peer File Sharing<\/strong>: Block, <strong>Internet Radio and TV<\/strong>: Block<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n[caption id=\"attachment_228\" align=\"aligncenter\" width=\"752\"]<img class=\"wp-image-226\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/20-2.jpg\" alt=\"Assign DNS Filter Profile to Firewall Policy\" width=\"752\" height=\"451\"> Figure 7.19: Assign DNS Filter Profile to Firewall Policy[\/caption]\n\nYou can verify your configuration by visiting <strong>http:\/\/talebi.ca<\/strong>.\n\n[caption id=\"attachment_228\" align=\"aligncenter\" width=\"1227\"]<img class=\"wp-image-227 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/21-1.jpg\" alt=\"Verify configuration\" width=\"1227\" height=\"471\"> Figure 7.20: Verify configuration[\/caption]\n\nVerify your <strong>Log &amp; Report<\/strong> &gt; <strong>DNS Query<\/strong>.\n\n[caption id=\"attachment_228\" align=\"alignnone\" width=\"1258\"]<img class=\"wp-image-228 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/22.jpg\" alt=\"\" width=\"1258\" height=\"535\"> Figure 7.21: Verify[\/caption]<\/li>\n<\/ol>","rendered":"<div class=\"textbox textbox--learning-objectives\">\n<header class=\"textbox__header\">\n<p class=\"textbox__title\">Learning Objectives<\/p>\n<\/header>\n<div class=\"textbox__content\">\n<ul>\n<li class=\"hanging-indent\">Configure a Security Profile<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<div class=\"textbox shaded\"><strong>Scenario<\/strong>: In this lab, we are going to become familiar with different types of Security Profile such as AntiVirus, File Filter, IPS and DNS Filter. WebTerm2 acts as a local computer and we set a Security Profile on traffic passing from Port2 to Port1.<\/div>\n<figure id=\"attachment_207\" aria-describedby=\"caption-attachment-207\" style=\"width: 1207px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-207 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2022\/04\/1.jpg\" alt=\"Security Profile main scenario\" width=\"1207\" height=\"504\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1.jpg 1207w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-300x125.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-1024x428.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-768x321.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-65x27.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-225x94.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/1-350x146.jpg 350w\" sizes=\"auto, (max-width: 1207px) 100vw, 1207px\" \/><figcaption id=\"caption-attachment-207\" class=\"wp-caption-text\">Figure 7.9: Main scenario<\/figcaption><\/figure>\n<ol>\n<li>We will continue the previous scenario and set up a DHCP server on port2.<br \/>\n<figure id=\"attachment_217\" aria-describedby=\"caption-attachment-217\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-217\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2022\/04\/9-4.jpg\" alt=\"set up a DHCP server on port2\" width=\"500\" height=\"335\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/9-4.jpg 677w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/9-4-300x201.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/9-4-65x43.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/9-4-225x151.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2022\/04\/9-4-350x234.jpg 350w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><figcaption id=\"caption-attachment-217\" class=\"wp-caption-text\">Figure 7.10: Enable DHCP Server on port2<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>security profile<\/strong> &gt; <strong>Anti-Virus<\/strong>, create a new profile:\n<ul>\n<li>Name: <strong>myantivirus<\/strong><\/li>\n<li>Scan Mode: <strong>full<\/strong><\/li>\n<li>Inspection Protocol: <strong>HTTP, SMTP, IMAP, POP3, FTP<\/strong><\/li>\n<\/ul>\n<figure id=\"attachment_218\" aria-describedby=\"caption-attachment-218\" style=\"width: 1051px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-218 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/10-3.jpg\" alt=\"AntiVirus Profile\" width=\"1051\" height=\"792\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-3.jpg 1051w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-3-300x226.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-3-1024x772.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-3-768x579.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-3-65x49.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-3-225x170.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/10-3-350x264.jpg 350w\" sizes=\"auto, (max-width: 1051px) 100vw, 1051px\" \/><figcaption id=\"caption-attachment-218\" class=\"wp-caption-text\">Figure 7.11: AntiVirus Profile<\/figcaption><\/figure>\n<\/li>\n<li>Create a Firewall policy:\n<ul>\n<li>Name: <strong>Port2-to-Port1<\/strong><\/li>\n<li>Incoming Interface: <strong>Port2<\/strong><\/li>\n<li>Outgoing interface: <strong>port1<\/strong><\/li>\n<li>Source, Destination, Service: <strong>all<\/strong><\/li>\n<li>Security Profile: <strong>myantivirus<\/strong><\/li>\n<\/ul>\n<figure id=\"attachment_219\" aria-describedby=\"caption-attachment-219\" style=\"width: 849px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-219 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/11-3.jpg\" alt=\"Create a Firewall Policy and assign AntiVirus Profile\" width=\"849\" height=\"691\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-3.jpg 849w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-3-300x244.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-3-768x625.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-3-65x53.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-3-225x183.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/11-3-350x285.jpg 350w\" sizes=\"auto, (max-width: 849px) 100vw, 849px\" \/><figcaption id=\"caption-attachment-219\" class=\"wp-caption-text\">Figure 7.12: Create a Firewall Policy and assign AntiVirus Profile<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Security Profile<\/strong> &gt; <strong>File Filter<\/strong>, Create a new profile:\n<ul>\n<li>Name: <strong>MyFileFilter<\/strong><\/li>\n<li>Create a New Filter rule\n<ul>\n<li>Name: <strong>Block-PDF-ZIP<\/strong><\/li>\n<li>Protocols: <strong>HTTP-FTP<\/strong><\/li>\n<li>File Type: <strong>PDF-ZIP<\/strong><\/li>\n<li>Action: <strong>Block<\/strong><\/li>\n<li>Direction: <strong>any<\/strong><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<figure id=\"attachment_222\" aria-describedby=\"caption-attachment-222\" style=\"width: 1027px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-220 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1.jpg\" alt=\"File Filter profile\" width=\"1027\" height=\"723\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1.jpg 1027w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1-300x211.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1-1024x721.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1-768x541.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1-65x46.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1-225x158.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/12-1-350x246.jpg 350w\" sizes=\"auto, (max-width: 1027px) 100vw, 1027px\" \/><figcaption id=\"caption-attachment-222\" class=\"wp-caption-text\">Figure 7.13: File Filter profile<\/figcaption><\/figure>\n<figure id=\"attachment_222\" aria-describedby=\"caption-attachment-222\" style=\"width: 966px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-221 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-1.jpg\" alt=\"\" width=\"966\" height=\"658\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-1.jpg 966w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-1-300x204.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-1-768x523.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-1-65x44.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-1-225x153.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/13-1-1-350x238.jpg 350w\" sizes=\"auto, (max-width: 966px) 100vw, 966px\" \/><figcaption id=\"caption-attachment-222\" class=\"wp-caption-text\">Figure 7.14: Blocking Pdf-Zip<\/figcaption><\/figure>\n<ul>\n<li>Set the firewall Policy to <strong>Proxy mode.<\/strong><\/li>\n<li>Go to <strong>Policy &amp; Objects<\/strong> &gt; <strong>Firewall Policy<\/strong> and assign MyFileFilter to the \u201cPort2-to-Port1\u201d policy.<\/li>\n<\/ul>\n<figure id=\"attachment_222\" aria-describedby=\"caption-attachment-222\" style=\"width: 851px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-222 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-1.jpg\" alt=\"Assign File Filter profile to Firewall Policy\" width=\"851\" height=\"793\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-1.jpg 851w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-1-300x280.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-1-768x716.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-1-65x61.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-1-225x210.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/14-1-1-350x326.jpg 350w\" sizes=\"auto, (max-width: 851px) 100vw, 851px\" \/><figcaption id=\"caption-attachment-222\" class=\"wp-caption-text\">Figure 7.15: Assign File Filter profile to Firewall Policy<\/figcaption><\/figure>\n<\/li>\n<li>Go to <a class=\"internal\" href=\"https:\/\/talebi.ca\/wp-content\/uploads\/2021\/11\/prtgdesktop.pdf\">http:\/\/talebi.ca\/wp-content\/uploads\/2021\/11\/prtgdesktop.pdf<\/a>\u00a0and verify your result.<br \/>\n<figure id=\"attachment_223\" aria-describedby=\"caption-attachment-223\" style=\"width: 400px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" class=\"wp-image-223 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/15-1-1.jpg\" alt=\"Go to http:\/\/talebi.ca\/wp-content\/uploads\/2021\/11\/prtgdesktop.pdf\u00a0 and verify your result.\" width=\"400\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/15-1-1.jpg 1210w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/15-1-1-300x195.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/15-1-1-1024x666.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/15-1-1-768x500.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/15-1-1-65x42.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/15-1-1-225x146.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/15-1-1-350x228.jpg 350w\" sizes=\"(max-width: 1210px) 100vw, 1210px\" \/><figcaption id=\"caption-attachment-223\" class=\"wp-caption-text\">Figure 7.16: Verify configuration<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Security Profile<\/strong> &gt; <strong>Intrusion Prevention<\/strong>, create a new profile:\n<ul>\n<li>Name: <strong>MyIPS<\/strong><\/li>\n<li>Add Signature: <strong>AAEH Botnet, Acuntix Web Vulnerability Scanner, Adobe Flash Player CSRF<\/strong><br \/>\n<figure id=\"attachment_224\" aria-describedby=\"caption-attachment-224\" style=\"width: 910px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-224 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/17-2.jpg\" alt=\"Intrusion Prevention Profile\" width=\"910\" height=\"631\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/17-2.jpg 910w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/17-2-300x208.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/17-2-768x533.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/17-2-65x45.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/17-2-225x156.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/17-2-350x243.jpg 350w\" sizes=\"auto, (max-width: 910px) 100vw, 910px\" \/><figcaption id=\"caption-attachment-224\" class=\"wp-caption-text\">Figure 7.17: Intrusion Prevention Profile<\/figcaption><\/figure>\n<\/li>\n<\/ul>\n<\/li>\n<li>Go to <strong>Policy &amp; Objects<\/strong> &gt; <strong>Firewall Policy<\/strong> and assign MyIPS to the \u201cPort2-to-Port1\u201d policy.<br \/>\n<figure id=\"attachment_225\" aria-describedby=\"caption-attachment-225\" style=\"width: 818px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-225 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/18-2.jpg\" alt=\"Assign IPS profile to Firewall Policy\" width=\"818\" height=\"514\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/18-2.jpg 818w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/18-2-300x189.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/18-2-768x483.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/18-2-65x41.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/18-2-225x141.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/18-2-350x220.jpg 350w\" sizes=\"auto, (max-width: 818px) 100vw, 818px\" \/><figcaption id=\"caption-attachment-225\" class=\"wp-caption-text\">Figure 7.18: Assign IPS profile to Firewall Policy<\/figcaption><\/figure>\n<\/li>\n<li>Go to <strong>Security Profile<\/strong> &gt; <strong>DNS Filter<\/strong>, create a new profile:\n<ul>\n<li>Name: <strong>MyDNS<\/strong><\/li>\n<li>FortiGate Category Based Filter:\n<ul>\n<li>Bandwidth Consuming:<strong> Peer-to-Peer File Sharing<\/strong>: Block, <strong>Internet Radio and TV<\/strong>: Block<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<figure id=\"attachment_228\" aria-describedby=\"caption-attachment-228\" style=\"width: 752px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-226\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/20-2.jpg\" alt=\"Assign DNS Filter Profile to Firewall Policy\" width=\"752\" height=\"451\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/20-2.jpg 847w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/20-2-300x180.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/20-2-768x461.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/20-2-65x39.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/20-2-225x135.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/20-2-350x210.jpg 350w\" sizes=\"auto, (max-width: 752px) 100vw, 752px\" \/><figcaption id=\"caption-attachment-228\" class=\"wp-caption-text\">Figure 7.19: Assign DNS Filter Profile to Firewall Policy<\/figcaption><\/figure>\n<p>You can verify your configuration by visiting <strong>http:\/\/talebi.ca<\/strong>.<\/p>\n<figure id=\"attachment_228\" aria-describedby=\"caption-attachment-228\" style=\"width: 1227px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-227 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/21-1.jpg\" alt=\"Verify configuration\" width=\"1227\" height=\"471\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/21-1.jpg 1227w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/21-1-300x115.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/21-1-1024x393.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/21-1-768x295.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/21-1-65x25.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/21-1-225x86.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/21-1-350x134.jpg 350w\" sizes=\"auto, (max-width: 1227px) 100vw, 1227px\" \/><figcaption id=\"caption-attachment-228\" class=\"wp-caption-text\">Figure 7.20: Verify configuration<\/figcaption><\/figure>\n<p>Verify your <strong>Log &amp; Report<\/strong> &gt; <strong>DNS Query<\/strong>.<\/p>\n<figure id=\"attachment_228\" aria-describedby=\"caption-attachment-228\" style=\"width: 1258px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-228 size-full\" src=\"https:\/\/opentextbc.ca\/wp-content\/uploads\/sites\/438\/2023\/08\/22.jpg\" alt=\"\" width=\"1258\" height=\"535\" srcset=\"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/22.jpg 1258w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/22-300x128.jpg 300w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/22-1024x435.jpg 1024w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/22-768x327.jpg 768w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/22-65x28.jpg 65w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/22-225x96.jpg 225w, https:\/\/opentextbc.ca\/fortigatefirewall\/wp-content\/uploads\/sites\/438\/2023\/08\/22-350x149.jpg 350w\" sizes=\"auto, (max-width: 1258px) 100vw, 1258px\" \/><figcaption id=\"caption-attachment-228\" class=\"wp-caption-text\">Figure 7.21: Verify<\/figcaption><\/figure>\n<\/li>\n<\/ol>\n","protected":false},"author":124,"menu_order":2,"template":"","meta":{"pb_show_title":"on","pb_short_title":"","pb_subtitle":"","pb_authors":[],"pb_section_license":""},"chapter-type":[],"contributor":[],"license":[],"class_list":["post-229","chapter","type-chapter","status-publish","hentry"],"part":206,"_links":{"self":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/229","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters"}],"about":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/types\/chapter"}],"author":[{"embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/users\/124"}],"version-history":[{"count":1,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/229\/revisions"}],"predecessor-version":[{"id":230,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/229\/revisions\/230"}],"part":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/parts\/206"}],"metadata":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapters\/229\/metadata\/"}],"wp:attachment":[{"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/media?parent=229"}],"wp:term":[{"taxonomy":"chapter-type","embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/pressbooks\/v2\/chapter-type?post=229"},{"taxonomy":"contributor","embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/contributor?post=229"},{"taxonomy":"license","embeddable":true,"href":"https:\/\/opentextbc.ca\/fortigatefirewall\/wp-json\/wp\/v2\/license?post=229"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}